| blob | eb97d846ae1905788b9f1b4aa7969de5aba86e45 |
1 /* app.c - Application selection.
2 * Copyright (C) 2003, 2004, 2005 Free Software Foundation, Inc.
3 *
4 * This file is part of GnuPG.
5 *
6 * GnuPG is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GnuPG is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
20 #include <config.h>
21 #include <errno.h>
22 #include <stdio.h>
23 #include <stdlib.h>
24 #include <string.h>
25 #include <pth.h>
33 /* This table is used to keep track of locks on a per reader base.
34 The index into the table is the slot number of the reader. The
35 mutex will be initialized on demand (one of the advantages of a
36 userland threading system). */
37 static struct
38 {
40 pth_mutex_t lock;
50 \f
51 /* Lock the reader SLOT. This function shall be used right before
52 calling any of the actual application functions to serialize access
53 to the reader. We do this always even if the reader is not
54 actually used. This allows an actual connection to assume that it
55 never shares a reader (while performing one command). Returns 0 on
56 success; only then the unlock_reader function must be called after
57 returning from the handler. */
58 static gpg_error_t
60 {
61 gpg_error_t err;
67 {
69 {
73 }
77 }
80 {
85 }
88 }
90 /* Release a lock on the reader. See lock_reader(). */
91 static void
93 {
102 }
105 static void
107 {
108 #ifdef _W32_PTH_H
111 #else
116 else
118 #endif
119 }
122 /* This function may be called to print information pertaining to the
123 current state of this module to the log. */
124 void
126 {
131 {
135 {
139 }
141 {
145 }
147 }
148 }
150 /* Check wether the application NAME is allowed. This does not mean
151 we have support for it though. */
152 static int
154 {
155 strlist_t l;
161 }
164 /* This may be called to tell this module about a removed or resetted card. */
165 void
167 {
168 app_t app;
173 /* FIXME: We are ignoring any error value here. */
176 /* Mark application as non-reusable. */
180 /* Deallocate a saved application for that slot, so that we won't
181 try to reuse it. If there is no saved application, set a flag so
182 that we won't save the current state. */
186 {
189 }
191 }
194 /* This function is used by the serialno command to check for an
195 application conflict which may appear if the serialno command is
196 used to request a specific application and the connection has
197 already done a select_application. */
198 gpg_error_t
200 {
202 app_t app;
212 }
215 /* If called with NAME as NULL, select the best fitting application
216 and return a context; otherwise select the application with NAME
217 and return a context. SLOT identifies the reader device. Returns
218 an error code and stores NULL at R_APP if no application was found
219 or no card is present. */
220 gpg_error_t
222 {
223 gpg_error_t err;
236 /* First check whether we already have an application to share. */
240 {
246 }
248 /* Don't use a non-reusable marked application. */
250 {
256 }
258 /* If we don't have an app, check whether we have a saved
259 application for that slot. This is useful so that a card does
260 not get reset even if only one session is using the card - this
261 way the PIN cache and other cached data are preserved. */
263 {
266 {
267 /* Yes, we can reuse this application - either the caller
268 requested an unspecific one or the requested one matches
269 the saved one. */
272 }
273 else
274 {
275 /* No, this saved application can't be used - deallocate it. */
279 }
280 }
282 /* If we can reuse an application, bump the reference count and
283 return it. */
285 {
294 }
296 /* Need to allocate a new one. */
299 {
304 }
308 /* Fixme: We should now first check whether a card is at all
309 present. */
311 /* Try to read the GDO file first to get a default serial number. */
318 {
326 {
327 /* The object it does not fit into the buffer. This is an
328 invalid encoding (or the buffer is too short. However, I
329 have some test cards with such an invalid encoding and
330 therefore I use this ugly workaround to return something
331 I can further experiment with. */
333 n--;
334 }
337 {
338 /* The GDO file is pretty short, thus we simply reuse it for
339 storing the serial number. */
346 }
347 else
350 }
352 /* For certain error codes, there is no need to try more. */
357 /* Figure out the application to use. */
375 leave:
377 {
381 else
387 }
395 }
400 {
407 NULL
408 };
426 }
429 /* Deallocate the application. */
430 static void
432 {
434 {
437 }
441 }
443 /* Free the resources associated with the application APP. APP is
444 allowed to be NULL in which case this is a no-op. Note that we are
445 using reference counting to track the users of the application and
446 actually deferring the deallocation to allow for a later reuse by
447 a new connection. */
448 void
450 {
461 /* Move the reference to the application in the lock table. */
463 /* FIXME: We are ignoring any error value. */
466 {
471 }
476 {
477 /* If we shall not re-use the application we can't save it for
478 later use. */
481 }
482 else
486 }
490 /* The serial number may need some cosmetics. Do it here. This
491 function shall only be called once after a new serial number has
492 been put into APP->serialno.
494 Prefixes we use:
496 FF 00 00 = For serial numbers starting with an FF
497 FF 01 00 = Some german p15 cards return an empty serial number so the
498 serial number from the EF(TokenInfo) is used instead.
499 FF 7F 00 = No serialno.
501 All other serial number not starting with FF are used as they are.
502 */
503 gpg_error_t
505 {
507 {
508 /* The serial number starts with our special prefix. This
509 requires that we put our default prefix "FF0000" in front. */
518 }
520 {
528 }
530 }
534 /* Retrieve the serial number and the time of the last update of the
535 card. The serial number is returned as a malloced string (hex
536 encoded) in SERIAL and the time of update is returned in STAMP. If
537 no update time is available the returned value is 0. Caller must
538 free SERIAL unless the function returns an error. If STAMP is not
539 of interest, NULL may be passed. */
540 gpg_error_t
542 {
554 else
561 }
564 /* Write out the application specifig status lines for the LEARN
565 command. */
566 gpg_error_t
568 {
569 gpg_error_t err;
578 /* We do not send APPTYPE if only keypairinfo is requested. */
588 }
591 /* Read the certificate with id CERTID (as returned by learn_status in
592 the CERTINFO status lines) and return it in the freshly allocated
593 buffer put into CERT and the length of the certificate put into
594 CERTLEN. */
595 gpg_error_t
598 {
599 gpg_error_t err;
613 }
616 /* Read the key with ID KEYID. On success a canonical encoded
617 S-expression with the public key will get stored at PK and its
618 length (for assertions) at PKLEN; the caller must release that
619 buffer. On error NULL will be stored at PK and PKLEN and an error
620 code returned.
622 This function might not be supported by all applications. */
623 gpg_error_t
625 {
626 gpg_error_t err;
645 }
648 /* Perform a GETATTR operation. */
649 gpg_error_t
651 {
652 gpg_error_t err;
660 {
664 }
666 {
677 }
687 }
689 /* Perform a SETATTR operation. */
690 gpg_error_t
695 {
696 gpg_error_t err;
710 }
712 /* Create the signature and return the allocated result in OUTDATA.
713 If a PIN is required the PINCB will be used to ask for the PIN; it
714 should return the PIN in an allocated buffer and put it into PIN. */
715 gpg_error_t
721 {
722 gpg_error_t err;
741 }
743 /* Create the signature using the INTERNAL AUTHENTICATE command and
744 return the allocated result in OUTDATA. If a PIN is required the
745 PINCB will be used to ask for the PIN; it should return the PIN in
746 an allocated buffer and put it into PIN. */
747 gpg_error_t
753 {
754 gpg_error_t err;
773 }
776 /* Decrypt the data in INDATA and return the allocated result in OUTDATA.
777 If a PIN is required the PINCB will be used to ask for the PIN; it
778 should return the PIN in an allocated buffer and put it into PIN. */
779 gpg_error_t
785 {
786 gpg_error_t err;
805 }
808 /* Perform the WRITECERT operation. */
809 gpg_error_t
815 {
816 gpg_error_t err;
833 }
836 /* Perform the WRITEKEY operation. */
837 gpg_error_t
843 {
844 gpg_error_t err;
861 }
864 /* Perform a SETATTR operation. */
865 gpg_error_t
870 {
871 gpg_error_t err;
888 }
891 /* Perform a GET CHALLENGE operation. This fucntion is special as it
892 directly accesses the card without any application specific
893 wrapper. */
894 gpg_error_t
896 {
897 gpg_error_t err;
909 }
913 /* Perform a CHANGE REFERENCE DATA or RESET RETRY COUNTER operation. */
914 gpg_error_t
918 {
919 gpg_error_t err;
936 }
939 /* Perform a VERIFY operation without doing anything lese. This may
940 be used to initialze a the PIN cache for long lasting other
941 operations. Its use is highly application dependent. */
942 gpg_error_t
946 {
947 gpg_error_t err;
963 }